It’s easy to hyper-focus on growing your law practice while overlooking critical housekeeping details. Everyone gets distracted. Many attorneys have computer network problems that undercut their mission, but the symptoms aren’t as glaring as my Nest mismanagement example. Here’s a quick review of 13 fixes for 13 common problems. If you have an IT provider, they can help you with each initiative.
Fix IT Problem #1 – Install a business-class firewall
We’ve seen a lot of small law practices with prosumer firewalls. Prosumer means the device has basic professional capabilities at a lower, consumer-friendly price point. Other law firms use firewalls provided by their internet service provider.
Both devices are difficult to monitor, manage, and update remotely. And there’s a good chance they’re not being managed and, therefore, require periodic manual intervention.
These factors leave your network wide open to security breaches. That’s why we recommend a business-class solution from Cisco, Cisco Meraki, Fortinet, Palo Alto Networks, or Watchguard.
Learn More: Best Firewalls for Business
Fix Item Problem #2 – Protect your data with Managed Backup and Disaster Recovery (BDR)
A lot of small businesses cut corners on BDR. Like our firewall example, prosumer backup devices and free cloud services are everywhere.
Both options have single points of failure, remote management limitations, data volume constraints, and performance drawbacks.
A business-class solution has benefits that include but is not limited to:
- Secure onsite backup to an appliance every fifteen minutes
- Offsite data replication in multiple SOC2 TYPE 2 clouds
- Nightly test restores
- Integration with Microsoft 365 (Office, Outlook, SharePoint, and OneDrive)
The last bullet point warrants special attention. Why? Your data is not automatically backed up and retained indefinitely by Microsoft.
Which solution is right for you? The answer depends on two factors defined by Acronis, a global leader in cyber protection.
- Recovery Point Objective or RPO generally refers to the amount of data that can be lost within a period most relevant to a business before significant harm occurs, from the point of a critical event to the most preceding backup.
- Recovery Time Objective or RTO often refers to the quantity of time that an application, system and/or process, can be down for without causing significant damage to the business as well as the time spent restoring the application and its data.”
You will pay more for a BDR solution if you can’t afford to lose any data or operating time. Conversely, if your requirements are less stringent, you will pay less.
Fix IT Problem #3 – Implement Multi-Factor Authentication (MFA)
MFA is a quick security win that won’t break the bank. This simple supplemental checkpoint prompts users to take an additional step for identity verification.
Within seconds of entering login credentials into a secure website, a pop-up asks the user to submit an instantly generated code that arrives via text, email, or voice.
Even if cyber thieves steal your email address and passwords, it’s nearly impossible for them to intervene unless they also have your cellphone.
Learn More: Implementing MFA
Fix IT Problem #4 – Deploy internet content filtering to enhance security
Content filtering blocks access to any websites that pose a security threat, distract your employees or create a legal liability if X-rated material is accessed and shared on your network.
While free solutions are better than nothing, a small investment in a professional solution will ensure productivity and help you maintain compliance.
Popular vendors in this space include DNSFilter, Cisco Umbrella, WebTitan Cloud, and McAfee Web Gateway Cloud Service.
Learn More: Top Content Filtering Solutions
Fix IT Problem #5 – Remove administrative rights for end users
Corporate networks need policies that separate administrator rights from user rights. Many small business computing environments are wide open for the wrong parties to access and misconfigure settings.
Back to my Nest example: if I had children, they would be free to adjust the thermostat, but they would have permission to control the entire HVAC system from the Nest application on my cellphone or any other device.
The same rules apply to servers, switches, backup devices, workstations, and every other endpoint in your network.
Learn More: User Access Control and Permissions
Fix IT Problem #6 – Strengthen identity management with Microsoft Active Directory (AD)
Some organizations use Microsoft 365 (M365) in the cloud, but it’s not integrated with their local area network. This misalignment creates two issues:
- It requires users to employ two sets of credentials.
- It’s impossible to enforce a password policy.
Microsoft AD unifies the local computer network with M365 in the cloud. This integration improves the user experience because it allows employees to reach the entire network through a single entry point.
AD also simplifies the global administration of security updates and facilitates the easy addition and subtraction of new apps in the Microsoft Cloud.
Learn More: Microsoft Cloud AD
Fix IT Problem #7 – Upgrade or replace physical end-of-life servers and Uninterruptible Power Supplies (UPS)
Every piece of technology in your environment has an expiration date, AKA end-of-life inflection point. Cloud alternatives for file sharing and storage should be top of mind when a server is approaching its fourth birthday.
The expression “software is eating the world” is more relevant than ever. Fewer and fewer application developers want to be in the commodity hardware business when it’s easier and more profitable to create innovative subscription services.
Aging hardware depreciates like a car, loses its performance edge, and gets more expensive to support.
We recommend migrating end-of-life applications and aging hardware to cloud-based alternatives.
However, you can’t get rid of every last appliance. You still need a sturdy network foundation to avoid losing power and data.
Upgrade, replace, and refresh your tech regularly, especially the UPS.
Fix IT Problem #8 – Adopt next-generation Antivirus (AV) protection
Traditional definition-based AV is no match for the endless stream of sophisticated cybersecurity threats. Definition-based means the system “only knows what it knows.”
It’s even less effective when installed and managed locally on workstations.
Next-generation AV monitors and manages new viruses and outbreaks across the enterprise through a central server. This administrative approach has two significant benefits:
- Real-time alerting and updates
- The ability to apply the same configuration to all endpoints
Learn More: Next-Generation Antivirus
Fix IT Problem #9 – Adjust permissions across the network
Some organizations have networks that allow every user to access every file in the enterprise.
This wide-open network permission policy (or lack thereof) is a recipe for disaster. Internal users may accidentally stumble upon a co-worker’s medical history, a HIPAA violation.
And external parties may infiltrate your primary file shares after someone clicks on a phishing email. This action may lead to the theft of confidential client data.
Active Directory is an excellent vehicle to create and apply user and role-based permissions for everyone with access to the network. AD allows IT administrators to govern according to the principle of least privilege or POLP.
In short, POLP is the practice of limiting access rights for users to the bare minimum permissions needed to perform their specific responsibilities.
For example, an attorney has permission to read, write, or execute files in folders A, B, C, D, and E, while a paralegal’s permissions are limited to resources in A and B.
The same logic restricts access rights for applications, systems, processes, and devices.
Learn More: The Principle of Least Privilege (POLP)
Fix IT Problem #10 – Introduce a Cybersecurity Awareness Training Program
Over 95% of all data breaches are due to human error. Despite all the advances in protective technology, employees routinely click on malicious links and open pdf “Invoices” attached to emails.
There’s a simple solution: institute ongoing cybersecurity awareness training. This program allows you to educate, assess with ethical phishing, train, and retest your entire team throughout the year.
And the per-user pricing for basic packages is less than the cost of five Grande Café Lattes.
Learn More: Cybersecurity Awareness Training
Fix IT Problem #11 – Segment your network
Your corporate network should be separate from your guest network. Why? You don’t want a client using the Wi-Fi in your conference room to access your QuickBooks files.
Wi-Fi has other risks. Armed with laptops and hacking software, cyber thieves in the parking lot can penetrate unsecured Wi-Fi networks.
Once they land and expand, they’ll do a lot more damage than a client who accidentally stumbled upon your accounts payable ledger.
We recommend a virtual local area network or VLAN. For example, your corporate network is on VLAN One, and your guest Wi-Fi is on VLAN Two.
Learn More: How VLANs Work
Fix IT Problem #12 – Implement Mobile Device Management (MDM)
When your employees use personal devices like tablets, laptops, and smartphones, your corporate assets need an extra layer of protection. Without digital boundaries, it’s easy for third-party apps to open windows that allow threat actors to steal personal identifying information (PII) and more.
Even the innocent act of allowing your five-year-old to play around with your iPhone could lead to a data breach or an accidental and inappropriate text message to one of your friends.
Good news: MDM is available as a cost-effective add-on within M365. Now it’s more convenient than ever to monitor, manage, and support every mobile device in your digital estate.
Learn More: Intune Mobile Device Management
Fix IT Problem #13 – Get a secondary, failover internet connection
A “Plan B” applies to every endeavor in life, especially internet access. Combining a premium fiber connection with a lower-cost cable circuit gives you increased redundancy, stability, and performance.
One internet connection is not enough!
Many organizations love the reliability of fiber and the speed of cable internet. It’s common to use cable as the lead connection due to its faster download properties. Then, if the cable circuit has throughput issues or drops, automatic settings on the firewall reroute the traffic to the fiber circuit.
Traffic can also be load-balanced to shift between the two internet connections. This feature means users always get the fastest path.
Learn More: Secondary ISP Best Practices
How do you activate all of these IT fixes?
Unlike townhouse owners who take forever to understand the nuances of their Nest application, law firms with fewer than ten employees and other SMBs have a host of local MSP options.
My sleep, quality of life, and productivity took a hit for four years. And there was only one root cause. Your network is much more complex, which means a variety of gaps could be making your business life more complicated and risky than necessary.
A best-in-class MSP can assess, document, and make recommendations that have an immediate impact on your growth trajectory. They can also monitor, manage, secure, and support all moving parts for a fixed monthly fee.
Finally, the MSP can bundle managed firewalls, data backup devices, MFA, content filtering, cybersecurity awareness training, MDM, internet access, and more into the mix.
Learn More: IT Support for Law Firms